blob: db95f003eab6663dc6164b0f95fab505641c57fb (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
Candidate: CVE-2004-0816
References:
MANDRAKE:MDKSA-2005:022
URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:022
SUSE:SUSE-SA:2004:037
URL:http://www.novell.com/linux/security/advisories/2004_37_kernel.html
BID:11488
URL:http://www.securityfocus.com/bid/11488
SECUNIA:11202
URL:http://secunia.com/advisories/11202/
XF:linux-ip-packet-dos(17800)
URL:http://xforce.iss.net/xforce/xfdb/17800
Description:
Integer underflow in the firewall logging rules for iptables in Linux before
2.6.8 allows remote attackers to cause a denial of service (application crash)
via a malformed IP packet.
Notes:
jmm> Quoting from http://groups.google.com/group/nz.comp/msg/71ec927b491f247d:
jmm> The bug, discovered by Richard Hart, does not affect the 2.4 series kernel
jmm> Quoting from http://www.novell.com/linux/security/advisories/2004_37_kernel.html:
jmm> This problem has already been fixed in the 2.6.8 upstream Linux kernel,
jmm> this update contains a backport of the fix.
jmm> So I'm marking all kernels N/A
Bugs:
upstream:
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A
2.4.18-woody-security-hppa: N/A
|